·

sshow (8) Linux Manual Page

ByLinux Manual Posted on Updated on

sshow – SSH traffic analysis tool

Synopsis

sshow [-d] [-i interface | -p pcapfile] [expression]

Description

sshow analyzes encrypted SSH-1 and SSH-2 traffic, identifying authentication attempts, the lengths of passwords entered in interactive sessions, and command line lengths.

The following advisory describes the attacks implemented by sshow in detail:

http://www.openwall.com/advisories/OW-003-ssh-traffic-analysis.txt

Options

-d

Enable verbose debugging output.

-i interface

Specify the interface to listen on.

-p pcapfile

Process packets from the specified PCAP capture file instead of the network.

expression

Specify a tcpdump(8) filter expression to select traffic to sniff.

See Also

dsniff(8), sshmitm(8)

Authors

Solar Designer <solar [at] openwall.com>
Dug Song <dugsong [at] monkey.org>

Leave a Reply

Your email address will not be published. Required fields are marked *